We performed a comparison between Cisco Secure Endpoint and WatchGuard Threat Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The setup is pretty simple."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The product detects and blocks threats and is more proactive than firewalls."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The product's initial setup phase is very easy."
"There are several valuable features including strong prevention and exceptional reporting capabilities."
"The visibility and insight this solution gives you into threats is pretty granular. It has constant monitoring. You can get onto the device trajectory to look at a threat, but you can also see what happened prior to the threat. You can see what happened after the threat. You can see what other applications were incorporated into the execution of the threat. For example, you have the event, but you see that the event was launched by Google Chrome, which was launched by something else. Then, after the event, something else was launched by whatever the threat was. Therefore, it gives you great detail, a timeline, and continuity of events leading up to whatever the incident is, and then, after. This helps you understand and nail down what the threat is and how to fix it."
"Cisco has definitely improved our organization a lot. In terms of business, our company feels safer. We actually switched from legacy signature-based solutions to threat intelligence-based and machine learning-based solutions, which is Cisco Secure. This has improved our security significantly, from 10% of signature-based technology security to 99.9% of the current one which we are running. We were happy."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"The simplicity of use is its most valuable feature. You can very clearly see things."
"It provides real-time visibility and control over endpoints, allowing its users to promptly respond to any security incidents and remediate any vulnerabilities."
"The tool provides automated responses."
"The solution is very easy to use."
"The most valuable feature is the correlation of logs from different devices."
"The analytics are important because if there is an abnormality then it provides that information to us."
"The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network."
"I like WatchGuard's network segmentation features. It's easy to configure user policies."
"When you download the executable file from the internet, it automatically sandboxes to make sure it's not doing anything incorrectly."
"The interface is very good."
"The solution should address emerging threats like SQL injection."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We find the solution to be a bit expensive."
"FortiEDR can be improved by providing more detailed reporting."
"The reporting and analytics areas of the solution need to be improved."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"The product does not provide options like tunnel creation or virtual appliances."
"Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems."
"It cannot currently block URLs over websites."
"The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers."
"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"I'd like a few extra features, especially around threat severity assessment."
"This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them."
"The administrative UI/UX could be significantly improved."
"When it comes to live-monitoring, the user-interface could be improved to make things easier."
"The website must provide more information on the product."
"The interface is not the best."
"It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."
"The reporting isn't so good. If they worked to improve this aspect of the solution, it would be much stronger."
More WatchGuard Threat Detection and Response Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 9th in Endpoint Detection and Response (EDR) with 45 reviews while WatchGuard Threat Detection and Response is ranked 26th in Endpoint Detection and Response (EDR) with 12 reviews. Cisco Secure Endpoint is rated 8.6, while WatchGuard Threat Detection and Response is rated 8.2. The top reviewer of Cisco Secure Endpoint writes "Makes it possible to see a threat once and block it across all endpoints and your entire security platform". On the other hand, the top reviewer of WatchGuard Threat Detection and Response writes "Offers deployment simplicity, especially for firewalls and firewall configuration and good documentation available ". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and SentinelOne Singularity Complete, whereas WatchGuard Threat Detection and Response is most compared with CrowdStrike Falcon, Darktrace, Trend Vision One, SentinelOne Singularity Complete and Huntress. See our Cisco Secure Endpoint vs. WatchGuard Threat Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.